Bug#892945: Cannot start domain using user session
Guido Günther
agx at sigxcpu.org
Mon Jul 23 08:08:13 BST 2018
Hi,
On Tue, Jul 10, 2018 at 12:06:13AM +0200, Michael Biebl wrote:
> Am 09.07.2018 um 20:37 schrieb Ben Hutchings:
>
> > It is fairly mature, but it still has a large attack surface and
> > occasional security issues that can be exploited by the VM owner. So I
> > think it make sense to restrict access to the kvm group and local
> > logins. This should mitigate the security issues on multiuser systems
> > without too much disruption.
>
> Ok, let's go with 0660 (root:kvm) + uaccess then
> I'll include that in the next upload of udev.
Thanks a lot! This makes it a lot simpler for users to run qemu:///session.
-- Guido
More information about the Pkg-systemd-maintainers
mailing list